Ensemble Learning-Based Anomaly Detection for Automotive in-Vehicle Networks

The Controller Area Network (CAN) bus is a largely employed communication protocol for in-vehicle communication. The absence of intrinsic security measures, such as authentication and encryption, within the CAN bus architecture opens exploitable vulnerabilities that adversaries may leverage to compromise vehicle functionality, thereby posing significant safety risks. The use of Artificial Intelligence (AI) in support of in-vehicle security facilitates robust, data-driven decision-making and prompt response actions. Nonetheless, ensuring the cybersecurity of autonomous vehicles remains a critical challenge when the computational resources are limited. In this context, this paper introduces an anomaly detection approach for CAN bus that exploits stacking and voting ensemble learning methods to classify and detect attacks. The proposed approach leverages machine learning models such as Decision Tree (DT), Logistic Regression (LR), Random Forest (RF), Extreme Gradient Boosting (XGBoost), and Light Gradient-Boosting Machine (LightGBM), to detect malicious activities of the attack in the shape of DOS, RPM, Gear, and Fuzzy attacks. Our results indicate that the proposed approach surpasses existing approaches in various evaluation metrics.